The Stroz Friedberg Cyber Brief

  FEATURED STORY            



The guilty plea of President Trump’s former national security advisor Mike Flynn has tipped off competing theories of the progress of the special counsel’s investigation into potential collusion between Russia and the Trump presidential campaign. Some legal analysts and Trump critics view Flynn’s deal, in which he pleaded guilty to lying to the FBI, as a signal that he is likely providing Robert Mueller’s inquiry with information that will incriminate others in the president’s inner circle or Trump himself.


On the other hand, some legal experts say that if Mueller had more on Flynn, he would have charged Flynn with more serious crimes. “If it were part of the basis for a ‘collusion’ case arising out of Russia’s election meddling, then Flynn wouldn’t be pleading guilty to a process crime—he’d be pleading guilty to an espionage conspiracy,” wrote Andrew C. McCarthy, a former federal prosecutor, in the National Review.

Meanwhile, the president went on the attack on Twitter over the weekend by lambasting the FBI and Mueller’s probe. In particular, he hailed the news that one of Mueller’s aides, Peter Strzok, was removed from his job over the summer for some anti-Trump text messages. Notably, the president also wrote that he had fired Flynn because Flynn lied to the vice president and the FBI, which prompted legal experts to warn that Trump could be opening himself up to obstruction of justice charges if he knew Flynn had lied to the FBI before he fired James Comey. (WSJ, Bloomberg, FT, WaPo)


Russian hacking: The FBI reportedly failed to notify scores of U.S. officials that Russian agents were trying to break into their Gmail accounts, despite having evidence for at least a year. Nearly 80 interviews with Americans targeted by Fancy Bear, a Russian government-aligned cyberespionage group, turned up only two cases in which the FBI had provided a heads-up. (AP)

Paypal: The digital payments firm said that personally identifiable information for roughly 1.6 million users has potentially been compromised at TIO Networks, a company it acquired earlier this year. PayPal paid roughly $238 million in cash to acquire TIO in a deal that closed in July. (WSJ)


Digital Privacy: After hearing oral arguments in a major Fourth Amendment case, Carpenter v. United States, legal analysts say that a majority of the U.S. Supreme Court justices seemed ready to limit the government’s power to obtain records from cellphone companies showing customers’ locations. (NYT)

Yahoo Hacker: A Canadian “hacker for hire” pleaded guilty to charges related to the massive hack at Yahoo in 2014, which affected 500 million user accounts. Karim Baratov admitted to hacking accounts on behalf of the Russian Federal Security Service. Baratov’s co-defendants all remain at large in Russia. (BBC, DOJ)

Chinese Hackers: Federal prosecutors in Pennsylvania say that three Chinese nationals, who controlled a cybersecurity company in China, used malware to steal data from three international corporations operating in the U.S., including Siemens AG. The three defendants are all charged with computer hacking, theft of trade secrets, conspiracy and identity theft. (Pittsburgh Post Gazette)

  ON THE HILL                                    

E-Surveillance Powers: Lawmakers remain divided over what changes are needed to improve privacy protections for Americans caught up in the electronic surveillance of foreigners. Section 702 of the Foreign Intelligence Surveillance Act is set to expire at the end of the year unless Congress acts. (WSJ)


Future Tech: The Defense Department has steadily increased spending in three key areas: artificial intelligence, big data, and cloud computing, according to a recent report. Investment in those areas increased to $7.4 billion last year, up from $5.6 billion five years ago. (WaPo)

NATO: The United States, Britain, Germany, Norway, Spain, Denmark, and the Netherlands are reportedly drawing up cyber warfare principles to guide their militaries, aiming for an agreement by early 2019. The 29-nation NATO alliance recognized cyber as a domain of warfare, along with land, air and sea, in 2014, but has not outlined in detail what that entails. (Reuters)

  PRIVATE SECTOR                             

Banks: Earlier this year, U.S. banks, including the likes of Bank of America, Citigroup, and JPMorgan Chase, quietly launched a doomsday project called Sheltered Harbor that they hope will prevent a run on the financial system if one of them suffers a debilitating cyberattack. (WSJ)

Uber: The ride-hailing company’s security team appears to be crumbling after a scandalous two weeks that included the surprise disclosure of a year-old data breach. On Friday, Uber confirmed three members of its security team resigned. (WSJ)

  THE WORLD                                     

China: Beijing defended its vision of “internet sovereignty” over the weekend, as it kicked off the World Internet Conference, a state-run summit that has drawn in some of the biggest global names in technology, including Apple CEO Tim Cook. (FT)

UK: Britain wants to increase regulation of Bitcoin and other digital currencies by expanding the reach of EU anti-money-laundering rules. Australia has also said it would strengthen its money- laundering laws by bringing Bitcoin providers under the government’s financial intelligence unit. (Reuters)


We Need to Secure Voting Machines: “It is extraordinary that a full year after the last presidential election, there is still enduring attention—among the public, in academia, in the executive branch, and on Capitol Hill—to the issue of election security. This moment presents a remarkable opportunity to take long-overdue steps toward securing federal and state elections. In the spirit of capitalizing on that moment, this post maps some of the current landscape, both with respect to the nature of the foreign threat, domestic considerations, and possible solutions,” writes Susan Hennessey on the Lawfare blog.  


Trump Team Should Fear the Logan Act: “In response to the Flynn plea and questions about the Logan Act, President Trump’s lawyer, Ty Cobb, said that the statute doesn’t apply to transition team members. But that claim is surely false. A president-elect and his team may certainly introduce themselves to foreign leaders and conduct discussions with them about foreign policy. But there is a wide gap between those activities and trying to persuade a foreign power to thwart the sitting president’s foreign operations and initiatives. The former is not prohibited by the Logan Act; the latter is flatly banned,” write Daniel Hemel and Eric Posner in the New York Times.


Myths About Reforming FISA: “As the New Year’s deadline for reauthorizing Section 702 of the Foreign Intelligence Surveillance Act (FISA) approaches, current and former government officials are waging a public relations campaign against bipartisan reform efforts needed to protect the rights of innocent Americans. Unfortunately, these attacks are rife with misleading statements and omissions that require correction. Here are a few of those false assertions, along with the facts,” writes Sen. Ron Wyden (D-OR) on the Just Security blog.

It’s Now an Obstruction Investigation: “Mueller’s theory appears to be straightforward: The FBI was investigating Russian meddling in the election and the possibility of Trump-campaign complicity in it. Even though Flynn’s interactions with Russian ambassador Sergei Kislyak did not amount to Trump-campaign collusion in Russia’s perfidy, they did show that the Trump transition was dabbling in foreign relations with the Putin regime (among other foreign governments) and was attempting to undermine the policy of the incumbent Obama administration — at least on the U.N. resolution condemning Israel,” writes Andrew C. McCarthy in the National Review.


Center on National Security
Fordham University School of Law
150 W. 62nd St. 7th Floor
New York, NY 10023 US
Copyright © 2016 Center on National Security, All rights reserved.